Problem solve Get help with specific problems with your technologies, process and projects.

Using a registry key to monitor security template changes

Expert Jeremy Moskowitz advises a reader on whether a unique registry key will prevent admins from making changes to security templates.

I am rolling out a security template through Group Policy for 4,000 desktops. I would like to add a registry key into each desktop to indicate the version of security template which I have rolled out.

In case any other admins replace the security template, and I would know by using this unique registry key. Also by using this registry key, I would also know the number of desktops deployed with the desired security template.

Sure, it's possible to plunk in your own registry key using security templates, but I don't think your ultimate goal is going to be achieved. To me, it sounds like prevention is the most important thing you'll want to perform here. That is, the prevention of other admins stomping over the security template you lay down on those 4,000 desktops. In short, admins are admins, and registry key or not, there's nothing you can do really to stop a fellow admin if he's set on changing it.

Dig Deeper on Windows systems and network management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.